....bit harsh all the down votes that comment got :)
10 posts • joined 24 Jun 2010
Upside down, you turn me, you're giving bork instinctively: Firefox flips as a train connection is missed
Honeywell, I blew up the qubits: Thermostat maker to offer cloud access to 'world's most powerful quantum computer' within months
Would be really more helpful if people actually shared details of the malware ....new version of what family?...what's new? I know they dont want to admit either employee X click on a link in the email or opened an attachment, or we left RDP, SSH or some other unsecured service open to the internet but a little detail to help the community (I know I'm a dreamer)
Dead LAN's hand: IT staff 'locked out' of data center's core switch after the only bloke who could log into it dies
rubbish statement - takes two to tango
"No clue about VLANs, no clue about if it has STP, or trunking, or anything."
Yes you do - if you have access to the attached switches/devices to the core then you have the other half of the config. Totally agree with the previous comments on the mgmt side should ensure this situation doesn't happen, and backups (all things fail human and silicon) but as a network guy with 20yrs +, STP is a mutual thing as should be the vlan and trunking (packet sniffer will show up most of this). You will need down time for the replacement but hunt for the clues first on the wire and attached devices first if you really are situation. You should not get in to this situation and is bad working practise from all parties, it is a fire fight but not all is lost (if you do not know what your core switch is doing for your critical traffic with out seeing the config please find the door....oh you cant do that with out being provided a map I see your problem!)
F5: Don't panic but folks can slip past vulnerable firewall servers, thanks to libssh's credentials-optional 'security'
Re: Loads of places
100% agreed - looked at nginx last year and tried to see if we could replace our F5 setups and while it covered the basic functionality and some traffic manipulation their sales engineers in the end admitted it couldn't replicate the config....this said they cost a pretty penny but are usually rock solid devices which do what they say on the tin.
When I read the article title it was a brown trouser moment thinking I was about to have a long weekend but the title did not match the content (dont use AFM)
Per the THC site:
"No real solutions exists. The following steps can mitigate (but not solve)
1. Disable SSL-Renegotiation
2. Invest into SSL Accelerator
Either of these countermeasures can be circumventing by modifying
Surely then just limiting connection based upon src IP with renegotiation is a mitigation that can't be circumvented....unless you can spoof the traffic